Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-02-19YoroiMarco Ramilli
@online{ramilli:20200219:uncovering:4f04cd0, author = {Marco Ramilli}, title = {{Uncovering New Magecart Implant Attacking eCommerce}}, date = {2020-02-19}, organization = {Yoroi}, url = {https://marcoramilli.com/2020/02/19/uncovering-new-magecart-implant-attacking-ecommerce/}, language = {English}, urldate = {2020-02-20} } Uncovering New Magecart Implant Attacking eCommerce
magecart
2020-02-17YoroiYoroi
@online{yoroi:20200217:cyberwarfare:5b28cf2, author = {Yoroi}, title = {{Cyberwarfare: A deep dive into the latest Gamaredon Espionage Campaign}}, date = {2020-02-17}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/cyberwarfare-a-deep-dive-into-the-latest-gamaredon-espionage-campaign/}, language = {English}, urldate = {2020-02-20} } Cyberwarfare: A deep dive into the latest Gamaredon Espionage Campaign
Pteranodon
2020-01-27YoroiLuigi Martire, Luca Mella
@online{martire:20200127:aggah:9ed3380, author = {Luigi Martire and Luca Mella}, title = {{Aggah: How to run a botnet without renting a Server (for more than a year)}}, date = {2020-01-27}, organization = {Yoroi}, url = {https://yoroi.company/research/aggah-how-to-run-a-botnet-without-renting-a-server-for-more-than-a-year/}, language = {English}, urldate = {2021-06-16} } Aggah: How to run a botnet without renting a Server (for more than a year)
LokiBot Azorult
2020-01-14YoroiYoroi
@online{yoroi:20200114:analysis:d5eb291, author = {Yoroi}, title = {{Analysis Run}}, date = {2020-01-14}, organization = {Yoroi}, url = {https://yomi.yoroi.company/report/5e1d77b371ef016089703d1a/5e1d79d7d1cc4993da62f24f/overview}, language = {English}, urldate = {2020-01-14} } Analysis Run
BitPyLock
2019-12-27YoroiYoroi
@online{yoroi:20191227:analysis:51fe39c, author = {Yoroi}, title = {{Analysis Run}}, date = {2019-12-27}, organization = {Yoroi}, url = {https://yomi.yoroi.company/report/5e1d7b06c21640608183de58/5e1d7b09d1cc4993da62f261/overview}, language = {English}, urldate = {2020-01-14} } Analysis Run
Yarraq
2019-12-20YoroiAntonio Farina, Luca Mella, Antonio Pirozzi
@online{farina:20191220:unveiling:0abaa1d, author = {Antonio Farina and Luca Mella and Antonio Pirozzi}, title = {{Unveiling JsOutProx: A New Enterprise Grade Implant}}, date = {2019-12-20}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/unveiling-jsoutprox-a-new-enterprise-grade-implant/}, language = {English}, urldate = {2021-06-16} } Unveiling JsOutProx: A New Enterprise Grade Implant
JSOutProx
2019-12-09YoroiYoroi
@online{yoroi:20191209:analysis:0260785, author = {Yoroi}, title = {{Analysis Run}}, date = {2019-12-09}, organization = {Yoroi}, url = {https://yomi.yoroi.company/report/5deea91bac2ea1dcf5337ad8/5deead588a4518a7074dc6e6/overview}, language = {English}, urldate = {2020-01-06} } Analysis Run
SNC
2019-09-24YoroiAntonio Farina, Luca Mella
@online{farina:20190924:or:901ce1d, author = {Antonio Farina and Luca Mella}, title = {{APT or not APT? What's Behind the Aggah Campaign}}, date = {2019-09-24}, organization = {Yoroi}, url = {https://yoroi.company/research/apt-or-not-apt-whats-behind-the-aggah-campaign/}, language = {English}, urldate = {2021-06-16} } APT or not APT? What's Behind the Aggah Campaign
Azorult
2019-07-18Github (ZLab-Cybaze-Yoroi)ZLab-Cybaze-Yoroi
@online{zlabcybazeyoroi:20190718:zlab:b81caef, author = {ZLab-Cybaze-Yoroi}, title = {{ZLab - LooCipher Decryption Tool}}, date = {2019-07-18}, organization = {Github (ZLab-Cybaze-Yoroi)}, url = {https://github.com/ZLab-Cybaze-Yoroi/LooCipher_Decryption_Tool}, language = {English}, urldate = {2020-01-07} } ZLab - LooCipher Decryption Tool
looChiper
2019-07-02YoroiAntonio Farina, Antonio Pirozzi, Luca Mella
@online{farina:20190702:loocipher:3ec598c, author = {Antonio Farina and Antonio Pirozzi and Luca Mella}, title = {{LooCipher: The New Infernal Ransomware}}, date = {2019-07-02}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/loocipher-the-new-infernal-ransomware/}, language = {English}, urldate = {2022-02-02} } LooCipher: The New Infernal Ransomware
looChiper
2019-06-08YoroiLuigi Martire, Davide Testa, Luca Mella, ZLAB-Yoroi
@online{martire:20190608:evolution:c9d130c, author = {Luigi Martire and Davide Testa and Luca Mella and ZLAB-Yoroi}, title = {{The Evolution of Aggah: From Roma225 to the RG Campaign}}, date = {2019-06-08}, organization = {Yoroi}, url = {https://yoroi.company/research/the-evolution-of-aggah-from-roma225-to-the-rg-campaign/}, language = {English}, urldate = {2021-06-16} } The Evolution of Aggah: From Roma225 to the RG Campaign
Revenge RAT
2019-05-29YoroiDavide Testa, Antonio Farina, Luca Mella
@online{testa:20190529:ta505:07b59dd, author = {Davide Testa and Antonio Farina and Luca Mella}, title = {{TA505 is Expanding its Operations}}, date = {2019-05-29}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/ta505-is-expanding-its-operations/}, language = {English}, urldate = {2021-06-16} } TA505 is Expanding its Operations
RMS
2019-05-16YoroiLuigi Martire, Davide Testa, Antonio Pirozzi, Luca Mella
@online{martire:20190516:stealthy:930aa98, author = {Luigi Martire and Davide Testa and Antonio Pirozzi and Luca Mella}, title = {{The Stealthy Email Stealer in the TA505 Arsenal}}, date = {2019-05-16}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/the-stealthy-email-stealer-in-the-ta505-arsenal/}, language = {English}, urldate = {2019-10-14} } The Stealthy Email Stealer in the TA505 Arsenal
TA505
2019-04-18YoroiZLAB-Yoroi
@online{zlabyoroi:20190418:apt28:709f72a, author = {ZLAB-Yoroi}, title = {{APT28 and Upcoming Elections: Evidence of Possible Interference (Part II)}}, date = {2019-04-18}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/apt28-and-upcoming-elections-possible-interference-signals-part-ii/}, language = {English}, urldate = {2022-03-14} } APT28 and Upcoming Elections: Evidence of Possible Interference (Part II)
Seduploader
2019-04-09YoroiLuigi Martire, Luca Mella
@online{martire:20190409:limerat:90dd4a3, author = {Luigi Martire and Luca Mella}, title = {{LimeRAT spreads in the wild}}, date = {2019-04-09}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/limerat-spreads-in-the-wild/}, language = {English}, urldate = {2022-02-02} } LimeRAT spreads in the wild
LimeRAT
2019-04-05YoroiDavide Testa, Antonio Pirozzi
@online{testa:20190405:ursnif:4670538, author = {Davide Testa and Antonio Pirozzi}, title = {{Ursnif: The Latest Evolution of the Most Popular Banking Malware}}, date = {2019-04-05}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/ursnif-the-latest-evolution-of-the-most-popular-banking-malware/}, language = {English}, urldate = {2019-10-23} } Ursnif: The Latest Evolution of the Most Popular Banking Malware
ISFB
2019-03-26YoroiLuigi Martire, Davide Testa, Luca Mella
@online{martire:20190326:ursnif:1d301b8, author = {Luigi Martire and Davide Testa and Luca Mella}, title = {{The Ursnif Gangs keep Threatening Italy}}, date = {2019-03-26}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/the-ursnif-gangs-keep-threatening-italy/}, language = {English}, urldate = {2022-02-02} } The Ursnif Gangs keep Threatening Italy
ISFB
2019-02-26YoroiZLAB-Yoroi
@online{zlabyoroi:20190226:arsenal:ce0227f, author = {ZLAB-Yoroi}, title = {{The Arsenal Behind the Australian Parliament Hack}}, date = {2019-02-26}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/the-arsenal-behind-the-australian-parliament-hack/}, language = {English}, urldate = {2020-01-13} } The Arsenal Behind the Australian Parliament Hack
LazyCat powerkatz Unidentified 057
2019-02-07YoroiAntonio Farina, Davide Testa, Antonio Pirozzi
@online{farina:20190207:ursnif:f25be00, author = {Antonio Farina and Davide Testa and Antonio Pirozzi}, title = {{Ursnif: Long Live the Steganography!}}, date = {2019-02-07}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/ursnif-long-live-the-steganography/}, language = {English}, urldate = {2022-02-02} } Ursnif: Long Live the Steganography!
ISFB
2018-12-20YoroiDavide Testa, Luigi Martire, Antonio Pirozzi, Luca Mella
@online{testa:20181220:dissecting:e9c16fb, author = {Davide Testa and Luigi Martire and Antonio Pirozzi and Luca Mella}, title = {{Dissecting the Danabot Payload Targeting Italy}}, date = {2018-12-20}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/dissecting-the-danabot-paylaod-targeting-italy/}, language = {English}, urldate = {2022-02-02} } Dissecting the Danabot Payload Targeting Italy
DanaBot